package org.wso2.carbon.andes.authorization.service.andes;

import java.security.Principal;
import javax.security.auth.Subject;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.log4j.Logger;
import org.wso2.andes.server.configuration.plugins.ConfigurationPlugin;
import org.wso2.andes.server.security.AbstractPlugin;
import org.wso2.andes.server.security.Result;
import org.wso2.andes.server.security.SecurityManager;
import org.wso2.andes.server.security.SecurityPluginFactory;
import org.wso2.andes.server.security.access.ObjectProperties;
import org.wso2.andes.server.security.access.ObjectType;
import org.wso2.andes.server.security.access.Operation;
import org.wso2.carbon.andes.authorization.andes.QpidAuthorizationHandler;
import org.wso2.carbon.andes.authorization.internal.AuthorizationServiceDataHolder;
import org.wso2.carbon.core.multitenancy.SuperTenantCarbonContext;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;

/* loaded from: input_file:org/wso2/carbon/andes/authorization/service/andes/QpidAuthorizationPlugin.class */
public class QpidAuthorizationPlugin extends AbstractPlugin {
    private static final String DOMAIN_NAME_SEPARATOR = "!";
    private static final Logger logger = Logger.getLogger(QpidAuthorizationPlugin.class);
    public static final SecurityPluginFactory<QpidAuthorizationPlugin> FACTORY = new SecurityPluginFactory<QpidAuthorizationPlugin>() { // from class: org.wso2.carbon.andes.authorization.service.andes.QpidAuthorizationPlugin.1
        /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
        public QpidAuthorizationPlugin m4newInstance(ConfigurationPlugin configurationPlugin) throws ConfigurationException {
            return new QpidAuthorizationPlugin();
        }

        public String getPluginName() {
            return QpidAuthorizationPlugin.class.getName();
        }

        public Class<QpidAuthorizationPlugin> getPluginClass() {
            return QpidAuthorizationPlugin.class;
        }
    };

    /* renamed from: org.wso2.carbon.andes.authorization.service.andes.QpidAuthorizationPlugin$2, reason: invalid class name */
    /* loaded from: input_file:org/wso2/carbon/andes/authorization/service/andes/QpidAuthorizationPlugin$2.class */
    static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$wso2$andes$server$security$access$Operation = new int[Operation.values().length];

        static {
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.UNBIND.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.DELETE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.CREATE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.BIND.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.PUBLISH.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$wso2$andes$server$security$access$Operation[Operation.CONSUME.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public Result access(ObjectType objectType, Object obj) {
        if (((Principal) SecurityManager.getThreadSubject().getPrincipals().toArray()[0]) == null) {
            return getDefault();
        }
        if (objectType == ObjectType.VIRTUALHOST) {
            return Result.ALLOWED;
        }
        return Result.DENIED;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:33:0x00ea. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:3:0x000b. Please report as an issue. */
    public Result authorise(Operation operation, ObjectType objectType, ObjectProperties objectProperties) {
        try {
            SuperTenantCarbonContext.startTenantFlow();
        } catch (Exception e) {
            logger.error("Error while invoking QpidAuthorizationHandler", e);
        } finally {
            SuperTenantCarbonContext.endTenantFlow();
        }
        switch (AnonymousClass2.$SwitchMap$org$wso2$andes$server$security$access$Operation[operation.ordinal()]) {
            case 1:
                Result handleUnbindQueue = QpidAuthorizationHandler.handleUnbindQueue(objectProperties);
                SuperTenantCarbonContext.endTenantFlow();
                return handleUnbindQueue;
            case 2:
                if (ObjectType.EXCHANGE == objectType) {
                    Result result = Result.ALLOWED;
                    SuperTenantCarbonContext.endTenantFlow();
                    return result;
                }
                if (ObjectType.QUEUE == objectType) {
                    Result handleDeleteQueue = QpidAuthorizationHandler.handleDeleteQueue(objectProperties);
                    SuperTenantCarbonContext.endTenantFlow();
                    return handleDeleteQueue;
                }
            default:
                Subject threadSubject = SecurityManager.getThreadSubject();
                Principal principal = null;
                if (threadSubject != null) {
                    principal = (Principal) threadSubject.getPrincipals().toArray()[0];
                }
                if (principal == null) {
                    Result result2 = getDefault();
                    SuperTenantCarbonContext.endTenantFlow();
                    return result2;
                }
                String name = principal.getName();
                UserRealm userRealm = getUserRealm(name);
                if (name.indexOf(DOMAIN_NAME_SEPARATOR) > -1) {
                    SuperTenantCarbonContext.getCurrentContext().setTenantDomain(name.substring(name.indexOf(DOMAIN_NAME_SEPARATOR) + 1));
                    SuperTenantCarbonContext.getCurrentContext().getTenantId(true);
                } else {
                    SuperTenantCarbonContext.getCurrentContext().setTenantId(0);
                }
                int indexOf = name.indexOf(DOMAIN_NAME_SEPARATOR);
                if (-1 != indexOf) {
                    name = name.substring(0, indexOf);
                }
                switch (AnonymousClass2.$SwitchMap$org$wso2$andes$server$security$access$Operation[operation.ordinal()]) {
                    case 3:
                        if (ObjectType.EXCHANGE == objectType) {
                            Result result3 = Result.ALLOWED;
                            SuperTenantCarbonContext.endTenantFlow();
                            return result3;
                        }
                        if (ObjectType.QUEUE == objectType) {
                            Result handleCreateQueue = QpidAuthorizationHandler.handleCreateQueue(name, userRealm, objectProperties);
                            SuperTenantCarbonContext.endTenantFlow();
                            return handleCreateQueue;
                        }
                    case 4:
                        Result handleBindQueue = QpidAuthorizationHandler.handleBindQueue(name, userRealm, objectProperties);
                        SuperTenantCarbonContext.endTenantFlow();
                        return handleBindQueue;
                    case 5:
                        Result handlePublishToExchange = QpidAuthorizationHandler.handlePublishToExchange(name, userRealm, objectProperties);
                        SuperTenantCarbonContext.endTenantFlow();
                        return handlePublishToExchange;
                    case 6:
                        Result handleConsumeQueue = QpidAuthorizationHandler.handleConsumeQueue(name, userRealm, objectProperties);
                        SuperTenantCarbonContext.endTenantFlow();
                        return handleConsumeQueue;
                    default:
                        return Result.DENIED;
                }
        }
    }

    private String getRawQueueName(String str) {
        return str.substring(str.indexOf(":") + 1, str.length());
    }

    private static UserRealm getUserRealm(String str) {
        UserRealm userRealm = null;
        RealmService realmService = AuthorizationServiceDataHolder.getInstance().getRealmService();
        if (null != realmService) {
            try {
                int i = -1234;
                int indexOf = str.indexOf(DOMAIN_NAME_SEPARATOR);
                if (-1 != indexOf) {
                    i = realmService.getTenantManager().getTenantId(str.substring(indexOf + 1));
                }
                userRealm = realmService.getTenantUserRealm(i);
            } catch (NullPointerException e) {
                logger.error("Error while accessing the realm service : " + e.getMessage());
            } catch (UserStoreException e2) {
                logger.warn("Error while getting tenant user realm for user " + str);
            }
        }
        return userRealm;
    }
}
